8368c7f634b3e4ff978f19e1b8096e4f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8368c7f634b3e4ff978f19e1b8096e4f_JaffaCakes118
Size

84KB
MD5

8368c7f634b3e4ff978f19e1b8096e4f
SHA1

bb9a28d079b96d3cd8ab05ae4f3a91c0b4d18b75
SHA256

5c1ae5cc965cd6c19b9306cf7e4e4b0f96ce738087e0af54e455161c970e6883
SHA512

e757fce972f3ae0c9bd18869cc063dfe169b4f69debbb5376b8d9418819f6038024f88ec5abdd69950d0e548d2e48dbe4ce44d97f5e49459abac7db6e711a4f6
SSDEEP

768:2G58MnITEg1iZS3zlHkCh7PkbWOwjV9nr22bzCYeEWvzYn+qY0ZSxgJHUtwfy9gi:2G58MIhyoPNrbnS2bzCFqZUelUtpgoz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8368c7f634b3e4ff978f19e1b8096e4f_JaffaCakes118

Files

8368c7f634b3e4ff978f19e1b8096e4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d71806aea623bf80aef8dc26bda29b8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

comctl32

ord17

kernel32

OutputDebugStringA
FindClose
Sleep
FindFirstFileA
GetSystemDirectoryA
CreateFileA
ReadFile
RemoveDirectoryA
CloseHandle
SetEndOfFile
SetFilePointer
CreateDirectoryA
DeleteFileA
WriteFile
GetVolumeInformationA
GetVersionExA
DeviceIoControl
RaiseException
SetHandleCount
GetStdHandle
HeapFree
LoadLibraryA
GetProcAddress
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SetConsoleCtrlHandler
FreeEnvironmentStringsA
RtlUnwind
GetFileType
HeapReAlloc
HeapAlloc
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetUnhandledExceptionFilter
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
ExitProcess

msi

ord65
ord112
ord89

user32

SetFocus
MessageBoxA
CreateDialogParamA
ShowWindow
UpdateWindow
wsprintfA
SetWindowTextA
EnableWindow
PostQuitMessage
GetDlgItem
SendMessageA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
LoadStringA

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d71806aea623bf80aef8dc26bda29b8b

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

msi

user32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 4.0MB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 4.0MB

.rsrc
Size: 8KB - Virtual size: 8KB